What is it known as when it is possible to attack a system using another compromised system quizlet?

■ Length—a longer password is more secure. Around 9-12 characters is suitable for an ordinary user account. Administrative accounts should have longer passwords (14 or more characters).

■ Complexity can improve the security of a password:
● No single words—better to use word and number/punctuation combinations.
● No obvious phrases in a simple form—birthday, user name, job title, and so on.
● Mix upper and lowercase (assuming the software uses case-sensitive passwords).

■ Memorability—artificial complexity makes a password hard to remember, meaning users write them down or have to reset them often. Using a long phrase, perhaps with one or two symbols and numerals mixed into it, can offer a good balance between complexity and memorability.

■ Maintain confidentiality—do not write down a password or share it with other users.

■ History/expiration—change the password periodically. Many systems can automatically enforce password expiration, meaning users have to choose a new password. Such a system may also keep a history of previously used passwords and prevent the user from choosing the same one again.

■ Reuse across sites—a typical user might be faced with having to remember tens of logons for different services at work and on the Internet and resort to reusing the same password for each. This is unsecure, as your security becomes dependent on the security of these other (unknown) organizations. Users must be trained to practice good password management, or at the very least not to re-use work passwords for web accounts.

accuracy An attribute of information that describes how data is free of errors and has the value that the user expects.

authenticity An attribute of information that describes how data is genuine or original rather than reproduced or fabricated.

availability An attribute of information that describes how data is accessible and correctly formatted for use without interference or obstruction.

confidentiality An attribute of information that describes how data is protected from disclosure or exposure to unauthorized individuals or systems.

integrity An attribute of information that describes how data is whole, complete, and uncorrupted.

personally identifiable information (PII) A set of information that could uniquely identify an individual.

possession An attribute of information that describes how the data's ownership or control is legitimate or authorized.

utility An attribute of information that describes how data has value or usefulness for an end purpose.

One of the main reasons security breaches occur within an organization is the lack of a security policy or, if a security policy is in place, the lack of effectively communicating/enforcing that security policy to all concerned. A security policy is a continually changing document that dictates a set of guidelines for network use. These guidelines complement organizational objectives by specifying rules for how a network is used.

Aside from protecting an organization's assets, a security policy serves other purposes, such as the following:
■ Making employees aware of their obligations in regard to security practices
■ Identifying specific security solutions required to meet the goals of a security policy
■ Acting as a baseline for ongoing security monitoring

One of the more well-known components of a security policy is an acceptable use policy (AUP), also known as an appropriate use policy. An AUP identifies what users of a network are and are not allowed to do on a network. For example, retrieving sports scores during working hours via an organization's Internet connection might be deemed inappropriate by an AUP.

Procedures: To support consistency in a network, and as dictated by the previously mentioned standards, a security policy might include a collection of procedures. These procedures are detailed documents that provide step-by-step instructions for completing specific tasks (for example, steps for configuring port security on an Ethernet switch).

SY0-501

Terms in this set (85)

- Threats, Attacks, and Vulnerabilities -

Address Resolution Protocol (ARP)

Protocol used to map known IP addresses to unknown physical addresses.

- Threats, Attacks, and Vulnerabilities -

Address Resolution Protocol (ARP) poisoning

An attack that convinces the network that the attacker's MAC (Media Access Control) address is the one associated with an allowed address so that traffic is wrongly sent to attacker's address.

- Threats, Attacks, and Vulnerabilities -

adware

Software that gathers information to pass on to marketers or that intercepts personal data such as credit card numbers and makes it available to third parties.

- Threats, Attacks, and Vulnerabilities -

antivirus software

Software that identifies the presence of a virus and is capable of removing or quarantining the virus.

- Threats, Attacks, and Vulnerabilities -

armored virus

A virus that is protected in a way that makes disassembling it difficult. The difficulty makes it "armored" against antivirus programs that have trouble getting to, and understanding, its code.

- Threats, Attacks, and Vulnerabilities -

ARP spoofing

More commonly known as ARP poisoning, this involves the MAC (Media Access Control) address of the data being faked.

- Threats, Attacks, and Vulnerabilities -

attack

Any unauthorized intrusion into the normal operations of a computer or computer network. The attack can be carried out to gain access to the system or any of its resources.

- Threats, Attacks, and Vulnerabilities -

attack surface

The area of an application that is available to users—those who are authenticated and, more importantly, those who are not.

- Threats, Attacks, and Vulnerabilities -

attack surface reduction (ASR)

Minimizing the possibility of exploitation by reducing the amount of code and limiting potential damage.

- Threats, Attacks, and Vulnerabilities -

backdoor

An opening left in a program application (usually by the developer) that allows additional access to data. Typically, a backdoor is created for debugging purposes and is not documented. Before the product ships, the backdoors are closed; when they aren't closed, security loopholes exist.

- Threats, Attacks, and Vulnerabilities -

bot

An automated software program (network robot) that collects information on the web. In its malicious form, a bot is a compromised computer being controlled remotely.

- Threats, Attacks, and Vulnerabilities -

buffer overflow

A type of denial-of-service (DoS) attack that occurs when more data is put into a buffer than it can hold, thereby overflowing it (as the name implies).

- Threats, Attacks, and Vulnerabilities -

clickjacking

Using multiple transparent or opaque layers to trick a user into clicking a button or link on another page when they had intended to click on the top page.

- Threats, Attacks, and Vulnerabilities -

companion virus

A virus that creates a new program that runs in the place of an expected program of the same name.

- Threats, Attacks, and Vulnerabilities -

cross-site request forgery (XSRF)

A form of web-based attack in which unauthorized commands are sent from a user that a website trusts.

- Threats, Attacks, and Vulnerabilities -

cross-site scripting (XSS)

Running a script routine on a user's machine from a website without their permission.

- Threats, Attacks, and Vulnerabilities -

denial-of-service (DoS)

A type of attack that prevents any users—even legitimate ones—from using a system.

- Threats, Attacks, and Vulnerabilities -

dictionary attack

The act of attempting to crack passwords by testing them against a list of dictionary words.

- Threats, Attacks, and Vulnerabilities -

distributed denial-of-service (DDoS)

A derivative of a DoS attack in which multiple hosts in multiple locations all focus on one target to reduce its availability to the public. This can be accomplished through the use of compromised systems, botnets, and other means.

- Threats, Attacks, and Vulnerabilities -

DNS poisoning

An attack method in which a daemon caches DNS reply packets, which sometimes contain other information (data used to fill the packets). The extra data can be scanned for information useful in a break-in or man-in-the-middle attack.

- Threats, Attacks, and Vulnerabilities -

DNS spoofing

The DNS server is given information about a name server that it thinks is legitimate when it isn't.

- Threats, Attacks, and Vulnerabilities -

Domain Name System (DNS)

The network service used in TCP/IP networks that translates hostnames to IP addresses.

- Threats, Attacks, and Vulnerabilities -

integer overflow

Putting too much information into too small of a space that has been set aside for numbers.

- Threats, Attacks, and Vulnerabilities -

IP spoofing

Making the data look as if it came from a trusted host when it didn't (thus spoofing the IP address of the sending host).

- Threats, Attacks, and Vulnerabilities -

least privilege

A permission method in which users are granted only the privileges necessary to perform their job function.

- Threats, Attacks, and Vulnerabilities -

least privilege policy

The policy of giving a user only the minimum permissions needed to do the work that must be done.

- Threats, Attacks, and Vulnerabilities -

logic bomb

Any code that is hidden within an application and causes something unexpected to happen based on some criteria being met. For example, a programmer could create a program that always makes sure her name appears on the payroll roster; if it doesn't, then key files begin to be erased.

- Threats, Attacks, and Vulnerabilities -

macro virus

A software exploitation virus that works by using the macro feature included in many applications, such as Microsoft Office.

- Threats, Attacks, and Vulnerabilities -

malicious code

Any code that is meant to do harm.

- Threats, Attacks, and Vulnerabilities -

malicious insider threat

A threat from someone inside the organization intent on doing harm.

- Threats, Attacks, and Vulnerabilities -

man-in-the-middle

An attack that occurs when someone/something that is trusted intercepts packets and retransmits them to another party. Man-in-the-middle attacks have also been called TCP/IP hijacking in the past.

- Threats, Attacks, and Vulnerabilities -

multipartite virus

A virus that attacks a system in more than one way.

- Threats, Attacks, and Vulnerabilities -

password attacks

Attempting to ascertain a password that you should not know.

- Threats, Attacks, and Vulnerabilities -

phage virus

A virus that modifies and alters other programs and databases.

- Threats, Attacks, and Vulnerabilities -

ping of death

A large Internet Control Message Protocol (ICMP) packet sent to overflow the remote host's buffer. A ping of death usually causes the remote host to reboot or hang.

- Threats, Attacks, and Vulnerabilities -

polymorphic

An attribute of some viruses that allows them to mutate and appear differently each time they crop up. The mutations make it harder for virus scanners to detect (and react to) the viruses.

- Threats, Attacks, and Vulnerabilities -

privilege escalation

The result when a user obtains access to a resource that they wouldn't normally be able to access. Privilege escalation can be done inadvertently by running a program with Set User ID (SUID) or Set Group ID (SGID) permissions or by temporarily becoming another user (via su or sudo in Unix/Linux or RunAs in Windows). It can also be done purposefully by an attacker seeking full access.

- Threats, Attacks, and Vulnerabilities -

ransomware

Software that demands payment before restoring the data or system infected.

- Threats, Attacks, and Vulnerabilities -

replay attack

An attack that captures portions of a session to play back later to convince a host that it is still talking to the original connection.

- Threats, Attacks, and Vulnerabilities -

retrovirus

A virus that attacks or bypasses the antivirus software installed on a computer.

- Threats, Attacks, and Vulnerabilities -

rogueware

A form of malware that tries to convince the user to pay for a fake threat.

- Threats, Attacks, and Vulnerabilities -

rootkit

Software program that has the ability to obtain root-level access and hide certain things from the operating system.

- Threats, Attacks, and Vulnerabilities -

scareware

Software that tries to convince unsuspecting users that a threat exists.

- Threats, Attacks, and Vulnerabilities -

shim

A small library that is created to intercept API calls transparently.

spoofing

An attempt by someone or something to masquerade as someone/something else.

- Threats, Attacks, and Vulnerabilities -

spyware

Software programs that work—often actively—on behalf of a third party.

stealth virus

A virus that attempts to avoid detection by masking itself from applications.

- Threats, Attacks, and Vulnerabilities -

Trojan horse

Any application that masquerades as one thing in order to get past scrutiny and then does something malicious. One of the major differences between Trojan horses and viruses is that Trojan horses tend not to replicate themselves.

- Threats, Attacks, and Vulnerabilities -

typo squatting

Creating domains that are based on the misspelling of another.

- Threats, Attacks, and Vulnerabilities -

URL hijacking

Registering domains that are similar to those for a known entity but based on a misspelling or typographical error.

- Threats, Attacks, and Vulnerabilities -

virus

A program intended to damage a computer system.

- Threats, Attacks, and Vulnerabilities -

watering hole attack

Identifying a site that is visited by those whom they are targeting, poisoning that site, and then waiting for the results.

- Threats, Attacks, and Vulnerabilities -

Xmas attack

An advanced attack that tries to get around detection and send a packet with every single option enabled.

- Threats, Attacks, and Vulnerabilities -

zero-day exploit

An attack that begins the very day an exploit is discovered.

- Threats, Attacks, and Vulnerabilities -

zombie

Any system taking directions from a master control computer. Zombies are often used in distributed denial-of-service (DDoS) and botnet attacks.

- Threats, Attacks, and Vulnerabilities -

NOTE: The best defense against a virus attack is up-to-date antivirus software that is installed and running. The software should be on all workstations as well as the server. A whitelist of allowed applications should also be created and adhered to.

- Threats, Attacks, and Vulnerabilities -

NOTE: An older term generically used for all man-in-the-middle attacks is TCP/IP hijacking.

- Threats, Attacks, and Vulnerabilities -

Exam Essentials: Be able to describe the various types of attacks to which your systems are exposed.

Your network is vulnerable to DoS attacks caused by either a single system or multiple systems. Multiple system attacks are called DDoS. Your systems are also susceptible to access, modification, and repudiation attacks.

- Threats, Attacks, and Vulnerabilities -

Exam Essentials: Be able to describe the methods used to conduct a backdoor attack.

Backdoor attacks occur using either existing maintenance hooks or developmental tools to examine the internal operations of a program. These hooks are usually removed when a product is prepared for market or production. Backdoor attacks also refer to inserting into a machine a program or service that allows authentication to be bypassed and access gained.

- Threats, Attacks, and Vulnerabilities -

Exam Essentials: Know how a spoofing attack occurs.

Spoofing attacks occur when a user or system masquerades as another user or system. Spoofing allows the attacker to assume the privileges and access rights of the real user or system.

- Threats, Attacks, and Vulnerabilities -

Exam Essentials: Be able to describe a man-in-the-middle attack.

Man-in-the-middle attacks are based on the principle that a system can be placed between two legitimate users to capture or exploit the information being sent between them. Both sides of the conversation assume that the man in the middle is the other end and communicate normally. This creates a security breach and allows unauthorized access to information.

- Threats, Attacks, and Vulnerabilities -

Exam Essentials: Be able to describe a replay attack.

A replay attack captures information from a previous session and attempts to resend it to gain unauthorized access. This attack is based on the premise that if it worked once, it will work again. This is especially effective in environments where a user ID and password are sent in the clear across a large network.

- Threats, Attacks, and Vulnerabilities -

Exam Essentials: Know the characteristics and types of viruses used to disrupt systems and networks.

Several different types of viruses are floating around today. The most common ones are polymorphic viruses, stealth viruses, retroviruses, multipartite viruses, and macro viruses.

- Threats, Attacks, and Vulnerabilities -

Exam Essentials: Be able to explain the characteristics of Trojan horses and logic bombs.

Trojan horses are programs that enter a system or network under the guise of another program. Logic bombs are programs or snippets of code that execute when a certain predefined event occurs.

- Threats, Attacks, and Vulnerabilities -

Exam Essentials: Be able to describe how antivirus software operates.

Antivirus software looks for a signature in the virus to determine what type of virus it is. The software then takes action to neutralize the virus based on a virus definition database. Virus definition database files are regularly made available on vendor sites.

- Threats, Attacks, and Vulnerabilities -

As the security administrator for your organization, you must be aware of all types of attacks that can occur and plan for them. Which type of attack uses more than one computer to attack the victim?
A. DoS
B. DDoS
C. Worm
D. UDP attack

B. A DDoS attack uses multiple computer systems to attack a server or host in the network.

- Threats, Attacks, and Vulnerabilities -

An alert signals you that a server in your network has a program running on it that bypasses authorization. Which type of attack has occurred?
A. DoS
B. DDoS
C. Backdoor
D. Social engineering

C. In a backdoor attack, a program or service is placed on a server to bypass normal security procedures.

- Threats, Attacks, and Vulnerabilities -

An administrator at a sister company calls to report a new threat that is making the rounds. According to him, the latest danger is an attack that attempts to intervene in a communications session by inserting a computer between the two systems that are communicating. Which of the following types of attacks does this constitute?
A. Man-in-the-middle attack
B. Backdoor attack
C. Worm
D. TCP/IP hijacking

A. A man-in-the-middle attack attempts to fool both ends of a communications session into believing that the system in the middle is the other end.

- Threats, Attacks, and Vulnerabilities -

You've discovered that an expired certificate is being used repeatedly to gain logon privileges. Which type of attack is this most likely to be?
A. Man-in-the-middle attack
B. Backdoor attack
C. Replay attack
D. TCP/IP hijacking

C. A replay attack attempts to replay the results of a previously successful session to gain access.

- Threats, Attacks, and Vulnerabilities -

Which type of attack denies authorized users access to network resources?
A. DoS
B. Worm
C. Logic bomb
D. Social engineering

A. A DoS attack is intended to prevent access to network resources by overwhelming or flooding a service or network.

- Threats, Attacks, and Vulnerabilities -

Your system has just stopped responding to keyboard commands. You noticed that this occurred when a spreadsheet was open and you connected to the Internet. Which kind of attack has probably occurred?
A. Logic bomb
B. Worm
C. Virus
D. ACK attack

A. A logic bomb notifies an attacker when a certain set of circumstances has occurred. This may in turn trigger an attack on your system.

- Threats, Attacks, and Vulnerabilities -

You're explaining the basics of security to upper management in an attempt to obtain an increase in the networking budget. One of the members of the management team mentions that they've heard of a threat from a virus that attempts to mask itself by hiding code from antivirus software. What type of virus is she referring to?
A. Armored virus
B. Malevolent virus
C. Worm
D. Stealth virus

A. An armored virus is designed to hide the signature of the virus behind code that confuses the antivirus software or blocks it from detecting the virus.

- Threats, Attacks, and Vulnerabilities -

What kind of virus could attach itself to the boot sector of your disk to avoid detection and report false information about file sizes?
A. Trojan horse virus
B. Stealth virus
C. Worm
D. Polymorphic virus

B. A stealth virus reports false information to hide itself from antivirus software. Stealth viruses often attach themselves to the boot sector of an operating system.

- Threats, Attacks, and Vulnerabilities -

What is it known as when an attacker manipulates the database code to take advantage of a weakness in it?
A. SQL tearing
B. SQL manipulation
C. SQL cracking
D. SQL injection

D. SQL injection occurs when an attacker manipulates the database code to take advantage of a weakness in it.

- Threats, Attacks, and Vulnerabilities -

What term describes when the item used to validate a user's session, such as a cookie, is stolen and used by another to establish a session with a host that thinks it is still communicating with the first party?
A. Patch infiltration
B. XML injection
C. Session hijacking
D. DTB exploitation

C. Session hijacking occurs when the item used to validate a user's session, such as a cookie, is stolen and used by another to establish a session with a host that thinks it is still communicating with the first party.

- Threats, Attacks, and Vulnerabilities -

Which of the following involves unauthorized commands coming from a trusted user to the website?
A. ZDT
B. HSM
C. TT3
D. XSRF

D. XSRF involves unauthorized commands coming from a trusted user to the website. This is often done without the user's knowledge, and it employs some type of social networking to pull it off.

- Threats, Attacks, and Vulnerabilities -

When a hole is found in a web browser or other software, and attackers begin exploiting it before the developer can respond, what type of attack is it known as?
A. Polymorphic
B. Xmas
C. Malicious insider
D. Zero-day

D. When a hole is found in a web browser or other software, and attackers begin exploiting it the very day it is discovered by the developer (bypassing the one-to-two-day response time that many software providers need to put out a patch once the hole has been found), it is known as a zero-day attack.

- Threats, Attacks, and Vulnerabilities -

Which of the following is a small library that is created to intercept API calls transparently?
A. Chock
B. Wedge
C. Refactor
D. Shim

D. A shim is a small library that is created to intercept API calls transparently.

- Threats, Attacks, and Vulnerabilities -

The new head of software engineering has demanded that all code be tested to identify the design flow and then modified, as needed, to clean up routines without changing the code's visible behavior. What is this process known as?
A. Straightening
B. Sanitizing
C. Refactoring
D. Uncluttering

C. Refactoring involves testing to identify the design flow and then modifying, as needed, to clean up routines without changing the code's visible behavior.

- Threats, Attacks, and Vulnerabilities -

Karl from Accounting is in a panic. He is convinced that he has identified malware on the servers—a type of man-in-the-middle attack in which a Trojan horse manipulates calls between the browser and its security mechanisms yet still displays back the user's intended transaction. What type of attack could he have stumbled on?
A. Man-in-the-browser
B. Man-in-the-castle
C. Man-in-the-code
D. Man-in-the-business

A. Man-in-the-browser is a type of man-in-the-middle attack in which a Trojan horse manipulates calls between the browser and its security mechanisms yet still displays back the user's intended transaction.

- Threats, Attacks, and Vulnerabilities -

Pass-the-hash attacks take advantage of a weak encryption routine associated with which protocols?
A. NetBEUI and NetBIOS
B. NTLM and LanMan
C. Telnet and TFTP
D. Chargen and DNS

B. Pass-the-hash attacks take advantage of a weak encryption routine associated with NTLM and LanMan protocols.

- Threats, Attacks, and Vulnerabilities -

The command monlist can be used with which protocol as part of an amplification attack?
A. SMTP
B. NTP
C. SNMP
D. ICMP

B. The command monlist can be used with an NTP amplification attack to send details of the last 600 people who requested network time.

- Threats, Attacks, and Vulnerabilities -

An attacker has placed an opaque layer over the Request A Catalog button on your web page. This layer tricks visitors into going to a form on a different website and giving their contact information to another party when their intention was to give it to you. What type of attack is this known as?
A. Clickjacking
B. Man-in-the-middle
C. XSRF
D. Zero-day

A. Clickjacking involves an attacker using multiple transparent or opaque layers to trick a user into clicking a button or link on another page when they were intending to click the top-level page.

- Threats, Attacks, and Vulnerabilities -

With which of the following is the DNS server given information about a name server that it thinks is legitimate when it isn't?
A. DNS tagging
B. DNS kiting
C. DNS poisoning
D. DNS foxing

C. With DNS poisoning, also known as DNS spoofing, the DNS server is given information about a name server that it thinks is legitimate when it isn't.

- Threats, Attacks, and Vulnerabilities -

It has been brought to your attention that a would-be attacker in Indiana has been buying up domains based on common misspellings of your company's name with the sole intent of creating websites that resemble yours and prey on those who mistakenly stumble onto these pages. What type of attack is this known as?
A. Watering hole
B. Poisoned well
C. Faulty tower
D. Typo squatting

D. Typo squatting involves creating domains that are based on the misspelling of another.

What are the 3 types of malware attacks?

The most common types of malware attacks:
1) Adware. Adware serves unwanted or malicious advertising.
2) Fileless malware
3) Viruses
4) Worms
5) Trojans
6) Bots
7) Ransomware
8) Spyware

What is a computer that has been compromised by a malicious code called?

Bot. A malware-infected networked host under remote control of a hacker. Botnet. A group of compromised computers running malicious software under control of a hacker.

What is a technique used to compromise a system?

An exploit is a technique or mechanism used to compromise a system. A vulnerability is an identified weakness of a controlled system in which necessary controls are not present or are no longer effective. An attack is the use of an exploit to achieve the compromise of a controlled system.

What is a collection of compromised computers called?

Botnet. A group of compromised computers or mobile devices connected to a network such as the Internet that are used to attack other networks, usually for nefarious purposes.